Security Research Laboratory and Education Center

The world-class research center at Purdue University is getting serious about cutting edge development of security related projects.

Security Archive

During the past several years, students at Purdue have been
maintaining the Internet's largest on-line archive of
security-related tools, papers, standards, advisories and other
materials. The main problem they face is the efficient management
of such highly dynamic information. The group will mirror
constantly changing sites and will maintain the most recent copies
of those sites. Additionally, new sites are continually starting
up—new papers, new tools and more information that must be added
to the archive.

The other major concern is being able to find what they are
looking for in the archive. With so much information, it is
difficult to navigate through all the data. The Archive group has
used a combination of Red Hat Linux 5.2 and the open source ROADS
(see Resources) document ordering system to build the prototype.
This will transform the FTP-based archive to an HTTP-based
information system, allowing users to search based on different
criteria or enter a Yahoo-like browsing mode. The group always
welcomes contributions and suggestions
(security-archives@cs.purdue.edu).

Tripwire

One of COAST's better-known projects is Tripwire. It was
primarily a project of Gene Kim and Professor Gene Spafford. The
product is now used worldwide and is the most widely deployed
intrusion detection security tool. Tripwire is an integrity
monitoring tool for Linux and other UNIX systems. It uses message
digest algorithms to detect tampering with file contents that might
have been caused by an intruder or virus. In December 1997, Visual
Computing Corporation obtained an exclusive license from Purdue
University to develop and market new versions of the product.
Tripwire IDS 1.3 has been released for Linux. For more information,
see the web site http://www.tripwiresecurity.com/.

Underfire

The Underfire team consists of seven graduate and
undergraduate students. Their goals are to gain direct experience
in the installation, evaluation, configuration and usage of
different firewall systems; to investigate new technologies for
network perimeter defenses, including next-generation networks such
as ATM; and to investigate the integration of host- and
network-based security mechanisms with network perimeter defenses.
Underfire is an ongoing project which began in 1997.

The Underfire team's main goal is to create an architecture
for automated firewall testing. The final product will be an engine
that will test a firewall without human interaction. This will be
achieved with a modular system: the engine, a packet sniffer and
scripted attacks. The engine executes the attacks and uses the
packet sniffer, or other networking protocols, to test the success
or failure of the attack. Finally, a report can be automatically
generated that explains the weak points of the firewall based on
the attack data.

Having finished the design and initial implementation of the
engine, the Underfire team is currently scripting known attacks.
The automatic report generator is something that will also need to
be completed in the future. Until now, Underfire has taken only
protocol level attacks into account; a future step will be to
extend the tests to the application level such as RPC and
X11.

Next Generation Authentication

The need to change the old-fashioned login name and password
procedure of authentication is an obvious place to base research
for the laboratory. By using biometrics devices and tokens such as
smart cards and iButtons, several research and application
development projects can be conducted in this area. Security tokens
under Linux will provide a wide array of security features for the
multiuser operating system.

One of the COAST students heads the MUSCLE project (Movement
for the Use of Smart Cards in a Linux Environment), one way to
integrate security tokens into the Linux environment. MUSCLE
focuses on smart card and biometrics security under Linux and
consists of several projects. The first is standardizing on a
PC/SC-compliant smart card resource manager written in C++, along
with cryptographic libraries based on the Public-Key Cryptography
Standards (PKCS-11 and PKCS-15). The resource manager also allows
secure remote authentication by using secure channels to
communicate between multiple resource managers. The resource
manager will be used to develop many applications, including secure
login, ssh, xlock, FTP, TELNET, et al., via pluggable
authentication modules (PAM) along with smart card security.

MUSCLE supports a wide array of smart card readers along with
ISO-7816-4-compliant smart cards. On the web site, you can find
many different smart card specifications, source code for different
projects, on-line tutorials and a mailing list. MUSCLE can be found
at http://www.linuxnet.com/.

hi..,
my self nilesh namdeorao kothekar. in india i am studying in diploma in computer engineering, and i will create a my carrier in computer security in linux. then please guidance me. What are i doing....